Home | History | Annotate | Download | only in selinux 
      1 #ifndef _SELINUX_H_
      2 #define _SELINUX_H_
      3 
      4 #include <sys/types.h>
      5 #include <stdarg.h>
      6 
      7 #ifdef __cplusplus
      8 extern "C" {
      9 #endif
     10 
     11 /* Return 1 if we are running on a SELinux kernel, or 0 if not or -1 if we get an error. */
     12 extern int is_selinux_enabled(void);
     13 /* Return 1 if we are running on a SELinux MLS kernel, or 0 otherwise. */
     14 extern int is_selinux_mls_enabled(void);
     15 
     16 typedef char *security_context_t;
     17 
     18 /* Free the memory allocated for a context by any of the below get* calls. */
     19 extern void freecon(security_context_t con);
     20 
     21 /* Free the memory allocated for a context array by security_compute_user. */
     22 extern void freeconary(security_context_t * con);
     23 
     24 /* Wrappers for the /proc/pid/attr API. */
     25 
     26 /* Get current context, and set *con to refer to it.
     27    Caller must free via freecon. */
     28 extern int getcon(security_context_t * con);
     29 
     30 /* Set the current security context to con.
     31    Note that use of this function requires that the entire application
     32    be trusted to maintain any desired separation between the old and new
     33    security contexts, unlike exec-based transitions performed via setexeccon.
     34    When possible, decompose your application and use setexeccon()+execve()
     35    instead. Note that the application may lose access to its open descriptors
     36    as a result of a setcon() unless policy allows it to use descriptors opened
     37    by the old context. */
     38 extern int setcon(const security_context_t con);
     39 
     40 /* Get context of process identified by pid, and
     41    set *con to refer to it.  Caller must free via freecon. */
     42 extern int getpidcon(pid_t pid, security_context_t * con);
     43 
     44 /* Get previous context (prior to last exec), and set *con to refer to it.
     45    Caller must free via freecon. */
     46 extern int getprevcon(security_context_t * con);
     47 
     48 /* Get exec context, and set *con to refer to it.
     49    Sets *con to NULL if no exec context has been set, i.e. using default.
     50    If non-NULL, caller must free via freecon. */
     51 extern int getexeccon(security_context_t * con);
     52 
     53 /* Set exec security context for the next execve.
     54    Call with NULL if you want to reset to the default. */
     55 extern int setexeccon(const security_context_t con);
     56 
     57 /* Get fscreate context, and set *con to refer to it.
     58    Sets *con to NULL if no fs create context has been set, i.e. using default.
     59    If non-NULL, caller must free via freecon. */
     60 extern int getfscreatecon(security_context_t * con);
     61 
     62 /* Set the fscreate security context for subsequent file creations.
     63    Call with NULL if you want to reset to the default. */
     64 extern int setfscreatecon(const security_context_t context);
     65 
     66 /* Get keycreate context, and set *con to refer to it.
     67    Sets *con to NULL if no key create context has been set, i.e. using default.
     68    If non-NULL, caller must free via freecon. */
     69 extern int getkeycreatecon(security_context_t * con);
     70 
     71 /* Set the keycreate security context for subsequent key creations.
     72    Call with NULL if you want to reset to the default. */
     73 extern int setkeycreatecon(const security_context_t context);
     74 
     75 /* Get sockcreate context, and set *con to refer to it.
     76    Sets *con to NULL if no socket create context has been set, i.e. using default.
     77    If non-NULL, caller must free via freecon. */
     78 extern int getsockcreatecon(security_context_t * con);
     79 
     80 /* Set the sockcreate security context for subsequent socket creations.
     81    Call with NULL if you want to reset to the default. */
     82 extern int setsockcreatecon(const security_context_t context);
     83 
     84 /* Wrappers for the xattr API. */
     85 
     86 /* Get file context, and set *con to refer to it.
     87    Caller must free via freecon. */
     88 extern int getfilecon(const char *path, security_context_t * con);
     89 extern int lgetfilecon(const char *path, security_context_t * con);
     90 extern int fgetfilecon(int fd, security_context_t * con);
     91 
     92 /* Set file context */
     93 extern int setfilecon(const char *path, security_context_t con);
     94 extern int lsetfilecon(const char *path, security_context_t con);
     95 extern int fsetfilecon(int fd, security_context_t con);
     96 
     97 /* Wrappers for the socket API */
     98 
     99 /* Get context of peer socket, and set *con to refer to it.
    100    Caller must free via freecon. */
    101 extern int getpeercon(int fd, security_context_t * con);
    102 
    103 /* Wrappers for the selinuxfs (policy) API. */
    104 
    105 typedef unsigned int access_vector_t;
    106 typedef unsigned short security_class_t;
    107 
    108 struct av_decision {
    109 	access_vector_t allowed;
    110 	access_vector_t decided;
    111 	access_vector_t auditallow;
    112 	access_vector_t auditdeny;
    113 	unsigned int seqno;
    114 	unsigned int flags;
    115 };
    116 
    117 /* Definitions of av_decision.flags */
    118 #define SELINUX_AVD_FLAGS_PERMISSIVE	0x0001
    119 
    120 /* Structure for passing options, used by AVC and label subsystems */
    121 struct selinux_opt {
    122 	int type;
    123 	const char *value;
    124 };
    125 
    126 /* Callback facilities */
    127 union selinux_callback {
    128 	/* log the printf-style format and arguments,
    129 	   with the type code indicating the type of message */
    130 	int
    131 #ifdef __GNUC__
    132 __attribute__ ((format(printf, 2, 3)))
    133 #endif
    134 	(*func_log) (int type, const char *fmt, ...);
    135 	/* store a string representation of auditdata (corresponding
    136 	   to the given security class) into msgbuf. */
    137 	int (*func_audit) (void *auditdata, security_class_t cls,
    138 			   char *msgbuf, size_t msgbufsize);
    139 	/* validate the supplied context, modifying if necessary */
    140 	int (*func_validate) (security_context_t *ctx);
    141 	/* netlink callback for setenforce message */
    142 	int (*func_setenforce) (int enforcing);
    143 	/* netlink callback for policyload message */
    144 	int (*func_policyload) (int seqno);
    145 };
    146 
    147 #define SELINUX_CB_LOG		0
    148 #define SELINUX_CB_AUDIT	1
    149 #define SELINUX_CB_VALIDATE	2
    150 #define SELINUX_CB_SETENFORCE	3
    151 #define SELINUX_CB_POLICYLOAD	4
    152 
    153 extern union selinux_callback selinux_get_callback(int type);
    154 extern void selinux_set_callback(int type, union selinux_callback cb);
    155 
    156 	/* Logging type codes, passed to the logging callback */
    157 #define SELINUX_ERROR	        0
    158 #define SELINUX_WARNING		1
    159 #define SELINUX_INFO		2
    160 #define SELINUX_AVC		3
    161 
    162 /* Compute an access decision. */
    163 extern int security_compute_av(const security_context_t scon,
    164 			       const security_context_t tcon,
    165 			       security_class_t tclass,
    166 			       access_vector_t requested,
    167 			       struct av_decision *avd);
    168 
    169 /* Compute a labeling decision and set *newcon to refer to it.
    170    Caller must free via freecon. */
    171 extern int security_compute_create(const security_context_t scon,
    172 				   const security_context_t tcon,
    173 				   security_class_t tclass,
    174 				   security_context_t * newcon);
    175 
    176 /* Compute a relabeling decision and set *newcon to refer to it.
    177    Caller must free via freecon. */
    178 extern int security_compute_relabel(const security_context_t scon,
    179 				    const security_context_t tcon,
    180 				    security_class_t tclass,
    181 				    security_context_t * newcon);
    182 
    183 /* Compute a polyinstantiation member decision and set *newcon to refer to it.
    184    Caller must free via freecon. */
    185 extern int security_compute_member(const security_context_t scon,
    186 				   const security_context_t tcon,
    187 				   security_class_t tclass,
    188 				   security_context_t * newcon);
    189 
    190 /* Compute the set of reachable user contexts and set *con to refer to
    191    the NULL-terminated array of contexts.  Caller must free via freeconary. */
    192 extern int security_compute_user(const security_context_t scon,
    193 				 const char *username,
    194 				 security_context_t ** con);
    195 
    196 /* Load a policy configuration. */
    197 extern int security_load_policy(void *data, size_t len);
    198 
    199 /* Get the context of an initial kernel security identifier by name.
    200    Caller must free via freecon */
    201 extern int security_get_initial_context(const char *name,
    202 					security_context_t * con);
    203 
    204 /* Translate boolean strict to name value pair. */
    205 typedef struct {
    206 	char *name;
    207 	int value;
    208 } SELboolean;
    209 /* save a list of booleans in a single transaction.  */
    210 extern int security_set_boolean_list(size_t boolcnt,
    211 				     SELboolean * boollist, int permanent);
    212 
    213 /* Check the validity of a security context. */
    214 extern int security_check_context(const security_context_t con);
    215 
    216 /* Canonicalize a security context. */
    217 extern int security_canonicalize_context(const security_context_t con,
    218 					 security_context_t * canoncon);
    219 
    220 /* Get the enforce flag value. */
    221 extern int security_getenforce(void);
    222 
    223 /* Set the enforce flag value. */
    224 extern int security_setenforce(int value);
    225 
    226 /* Get the behavior for undefined classes/permissions */
    227 extern int security_deny_unknown(void);
    228 
    229 /* Disable SELinux at runtime (must be done prior to initial policy load). */
    230 extern int security_disable(void);
    231 
    232 /* Get the policy version number. */
    233 extern int security_policyvers(void);
    234 
    235 /* Get the boolean names */
    236 extern int security_get_boolean_names(char ***names, int *len);
    237 
    238 /* Get the pending value for the boolean */
    239 extern int security_get_boolean_pending(const char *name);
    240 
    241 /* Get the active value for the boolean */
    242 extern int security_get_boolean_active(const char *name);
    243 
    244 /* Set the pending value for the boolean */
    245 extern int security_set_boolean(const char *name, int value);
    246 
    247 /* Commit the pending values for the booleans */
    248 extern int security_commit_booleans(void);
    249 
    250 /* Userspace class mapping support */
    251 struct security_class_mapping {
    252 	const char *name;
    253 	const char *perms[sizeof(access_vector_t) * 8 + 1];
    254 };
    255 
    256 extern int selinux_set_mapping(struct security_class_mapping *map);
    257 
    258 /* Common helpers */
    259 
    260 /* Convert between security class values and string names */
    261 extern security_class_t string_to_security_class(const char *name);
    262 extern const char *security_class_to_string(security_class_t cls);
    263 
    264 /* Convert between individual access vector permissions and string names */
    265 extern const char *security_av_perm_to_string(security_class_t tclass,
    266 					      access_vector_t perm);
    267 extern access_vector_t string_to_av_perm(security_class_t tclass,
    268 					 const char *name);
    269 
    270 /* Returns an access vector in a string representation.  User must free the
    271  * returned string via free(). */
    272 extern int security_av_string(security_class_t tclass,
    273 			      access_vector_t av, char **result);
    274 
    275 /* Check permissions and perform appropriate auditing. */
    276 extern int selinux_check_access(const security_context_t scon,
    277 				const security_context_t tcon,
    278 				const char *tclass,
    279 				const char *perm, void *aux);
    280 
    281 /* Set the path to the selinuxfs mount point explicitly.
    282    Normally, this is determined automatically during libselinux
    283    initialization, but this is not always possible, e.g. for /sbin/init
    284    which performs the initial mount of selinuxfs. */
    285 void set_selinuxmnt(char *mnt);
    286 
    287 #ifdef __cplusplus
    288 }
    289 #endif
    290 #endif
    291